actionpack 7.1.3.1 → 7.1.4.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +102 -0
- data/lib/abstract_controller/translation.rb +7 -20
- data/lib/action_controller/metal/http_authentication.rb +1 -4
- data/lib/action_controller/metal/strong_parameters.rb +43 -3
- data/lib/action_controller/test_case.rb +3 -3
- data/lib/action_controller.rb +5 -2
- data/lib/action_dispatch/http/filter_parameters.rb +9 -4
- data/lib/action_dispatch/http/mime_type.rb +4 -1
- data/lib/action_dispatch/http/permissions_policy.rb +1 -8
- data/lib/action_dispatch/http/request.rb +26 -6
- data/lib/action_dispatch/middleware/executor.rb +6 -0
- data/lib/action_dispatch/middleware/show_exceptions.rb +15 -5
- data/lib/action_dispatch/middleware/templates/rescues/missing_exact_template.html.erb +1 -1
- data/lib/action_dispatch/railtie.rb +0 -1
- data/lib/action_dispatch/routing/mapper.rb +50 -13
- data/lib/action_dispatch/system_testing/browser.rb +6 -1
- data/lib/action_dispatch/system_testing/driver.rb +1 -1
- data/lib/action_pack/gem_version.rb +1 -1
- metadata +15 -15
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6d6c0075e31a2470da87034e8352742903c176696808a902d17a33b8db79c0cd
|
4
|
+
data.tar.gz: a6c9e27f6650d1356b68de05dd835f7aa663d131410d188034d25c5f745f3a5e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e26080c351f2d9d2218a77a7a4583473eb6ecbec52f8eb5fd2879393f4037459acfaed714c0db8ead7905aa8234b48480d1ab313eb281eda1e9a7c8bb5f2cefe
|
7
|
+
data.tar.gz: bd2fa076443257da863689d42f1ca5e076a91282f374c8389452ec8604fe5e528830cdb5cd7763c79bd4194e1c3345221f2a409e80ae24dc625bba4d08a2d0d1
|
data/CHANGELOG.md
CHANGED
@@ -1,13 +1,110 @@
|
|
1
|
+
## Rails 7.1.4.1 (October 15, 2024) ##
|
2
|
+
|
3
|
+
* Avoid regex backtracking in HTTP Token authentication
|
4
|
+
|
5
|
+
[CVE-2024-47887]
|
6
|
+
|
7
|
+
* Avoid regex backtracking in query parameter filtering
|
8
|
+
|
9
|
+
[CVE-2024-41128]
|
10
|
+
|
11
|
+
## Rails 7.1.4 (August 22, 2024) ##
|
12
|
+
|
13
|
+
* Resolve deprecation warning in latest `selenium-webdriver`.
|
14
|
+
|
15
|
+
*Earlopain*
|
16
|
+
|
17
|
+
* Don't preload Selenium browser when remote.
|
18
|
+
|
19
|
+
*Noah Horton*
|
20
|
+
|
21
|
+
* Fix crash for invalid Content-Type in ShowExceptions middleware.
|
22
|
+
|
23
|
+
*Earlopain*
|
24
|
+
|
25
|
+
* Fix inconsistent results of `params.deep_transform_keys`.
|
26
|
+
|
27
|
+
*Iago Pimenta*
|
28
|
+
|
29
|
+
* Do not report rendered errors except 500.
|
30
|
+
|
31
|
+
*Nikita Vasilevsky*
|
32
|
+
|
33
|
+
* Improve routes source location detection.
|
34
|
+
|
35
|
+
*Jean Boussier*
|
36
|
+
|
37
|
+
* Fix `Request#raw_post` raising `NoMethodError` when `rack.input` is `nil`.
|
38
|
+
|
39
|
+
*Hartley McGuire*
|
40
|
+
|
41
|
+
* Fix url generation in nested engine when script name is empty.
|
42
|
+
|
43
|
+
*zzak*
|
44
|
+
|
45
|
+
* Fix `Mime::Type.parse` handling type parameters for HTTP Accept headers.
|
46
|
+
|
47
|
+
*Taylor Chaparro*
|
48
|
+
|
49
|
+
* Fix the error page that is displayed when a view template is missing to account for nested controller paths in the
|
50
|
+
suggested correct location for the missing template.
|
51
|
+
|
52
|
+
*Joshua Young*
|
53
|
+
|
54
|
+
* Fix a regression in 7.1.3 passing a `to:` option without a controller when the controller is already defined by a scope.
|
55
|
+
|
56
|
+
```ruby
|
57
|
+
Rails.application.routes.draw do
|
58
|
+
controller :home do
|
59
|
+
get "recent", to: "recent_posts"
|
60
|
+
end
|
61
|
+
end
|
62
|
+
```
|
63
|
+
|
64
|
+
*Étienne Barrié*
|
65
|
+
|
66
|
+
* Fix `ActionDispatch::Executor` middleware to report errors handled by `ActionDispatch::ShowExceptions`
|
67
|
+
|
68
|
+
In the default production environment, `ShowExceptions` rescues uncaught errors
|
69
|
+
and returns a response. Because of this the executor wouldn't report production
|
70
|
+
errors with the default Rails configuration.
|
71
|
+
|
72
|
+
*Jean Boussier*
|
73
|
+
|
74
|
+
|
75
|
+
## Rails 7.1.3.4 (June 04, 2024) ##
|
76
|
+
|
77
|
+
* Include the HTTP Permissions-Policy on non-HTML Content-Types
|
78
|
+
[CVE-2024-28103]
|
79
|
+
|
80
|
+
*Aaron Patterson*
|
81
|
+
|
82
|
+
## Rails 7.1.3.3 (May 16, 2024) ##
|
83
|
+
|
84
|
+
* No changes.
|
85
|
+
|
86
|
+
|
87
|
+
## Rails 7.1.3.2 (February 21, 2024) ##
|
88
|
+
|
89
|
+
* Fix `raise_on_missing_translations` not working correctly with the
|
90
|
+
`translate` method in controllers after the patch for CVE-2024-26143.
|
91
|
+
|
92
|
+
*John Hawthorn*
|
93
|
+
|
1
94
|
## Rails 7.1.3.1 (February 21, 2024) ##
|
2
95
|
|
3
96
|
* Fix possible XSS vulnerability with the `translate` method in controllers
|
4
97
|
|
5
98
|
CVE-2024-26143
|
6
99
|
|
100
|
+
*ooooooo-q + Aaron Patterson*
|
101
|
+
|
7
102
|
* Fix ReDoS in Accept header parsing
|
8
103
|
|
9
104
|
CVE-2024-26142
|
10
105
|
|
106
|
+
*Aaron Patterson*
|
107
|
+
|
11
108
|
## Rails 7.1.3 (January 16, 2024) ##
|
12
109
|
|
13
110
|
* Fix including `Rails.application.routes.url_helpers` directly in an
|
@@ -122,6 +219,11 @@
|
|
122
219
|
|
123
220
|
*Mike Dalessio*
|
124
221
|
|
222
|
+
* Ensure an uncaught exception when rendering a Turbo Frame properly breaks
|
223
|
+
out of the Frame and shows the `DebugView` error page in development.
|
224
|
+
|
225
|
+
*Joé Dupuis*
|
226
|
+
|
125
227
|
* The `with_routing` helper can now be called at the class level. When called at the class level, the routes will
|
126
228
|
be setup before each test, and reset after every test. For example:
|
127
229
|
|
@@ -21,25 +21,16 @@ module AbstractController
|
|
21
21
|
key = "#{path}.#{action_name}#{key}"
|
22
22
|
end
|
23
23
|
|
24
|
-
if
|
25
|
-
|
26
|
-
|
27
|
-
|
24
|
+
if ActiveSupport::HtmlSafeTranslation.html_safe_translation_key?(key)
|
25
|
+
if options[:default]
|
26
|
+
options[:default] = [options[:default]] unless options[:default].is_a?(Array)
|
27
|
+
options[:default] = options[:default].map do |value|
|
28
|
+
value.is_a?(String) ? ERB::Util.html_escape(value) : value
|
29
|
+
end
|
28
30
|
end
|
29
31
|
end
|
30
32
|
|
31
|
-
|
32
|
-
options[:default] = [] unless options[:default]
|
33
|
-
options[:default] << MISSING_TRANSLATION
|
34
|
-
end
|
35
|
-
|
36
|
-
result = ActiveSupport::HtmlSafeTranslation.translate(key, **options)
|
37
|
-
|
38
|
-
if result == MISSING_TRANSLATION
|
39
|
-
+"translation missing: #{key}"
|
40
|
-
else
|
41
|
-
result
|
42
|
-
end
|
33
|
+
ActiveSupport::HtmlSafeTranslation.translate(key, **options)
|
43
34
|
end
|
44
35
|
alias :t :translate
|
45
36
|
|
@@ -48,9 +39,5 @@ module AbstractController
|
|
48
39
|
I18n.localize(object, **options)
|
49
40
|
end
|
50
41
|
alias :l :localize
|
51
|
-
|
52
|
-
private
|
53
|
-
MISSING_TRANSLATION = -(2**60)
|
54
|
-
private_constant :MISSING_TRANSLATION
|
55
42
|
end
|
56
43
|
end
|
@@ -507,14 +507,11 @@ module ActionController
|
|
507
507
|
array_params.each { |param| (param[1] || +"").gsub! %r/^"|"$/, "" }
|
508
508
|
end
|
509
509
|
|
510
|
-
WHITESPACED_AUTHN_PAIR_DELIMITERS = /\s*#{AUTHN_PAIR_DELIMITERS}\s*/
|
511
|
-
private_constant :WHITESPACED_AUTHN_PAIR_DELIMITERS
|
512
|
-
|
513
510
|
# This method takes an authorization body and splits up the key-value
|
514
511
|
# pairs by the standardized <tt>:</tt>, <tt>;</tt>, or <tt>\t</tt>
|
515
512
|
# delimiters defined in +AUTHN_PAIR_DELIMITERS+.
|
516
513
|
def raw_params(auth)
|
517
|
-
_raw_params = auth.sub(TOKEN_REGEX, "").split(
|
514
|
+
_raw_params = auth.sub(TOKEN_REGEX, "").split(AUTHN_PAIR_DELIMITERS).map(&:strip)
|
518
515
|
_raw_params.reject!(&:empty?)
|
519
516
|
|
520
517
|
if !_raw_params.first&.start_with?(TOKEN_KEY)
|
@@ -792,7 +792,7 @@ module ActionController
|
|
792
792
|
# from the root hash and from all nested hashes and arrays. The values are unchanged.
|
793
793
|
def deep_transform_keys(&block)
|
794
794
|
new_instance_with_inherited_permitted_status(
|
795
|
-
@parameters
|
795
|
+
_deep_transform_keys_in_object(@parameters, &block).to_unsafe_h
|
796
796
|
)
|
797
797
|
end
|
798
798
|
|
@@ -800,7 +800,7 @@ module ActionController
|
|
800
800
|
# changed keys. This includes the keys from the root hash and from all
|
801
801
|
# nested hashes and arrays. The values are unchanged.
|
802
802
|
def deep_transform_keys!(&block)
|
803
|
-
@parameters
|
803
|
+
@parameters = _deep_transform_keys_in_object(@parameters, &block).to_unsafe_h
|
804
804
|
self
|
805
805
|
end
|
806
806
|
|
@@ -972,7 +972,7 @@ module ActionController
|
|
972
972
|
# the returned array will include empty strings.
|
973
973
|
#
|
974
974
|
# params = ActionController::Parameters.new(tags: "ruby,rails,,web")
|
975
|
-
# params.extract_value(:tags) # => ["ruby", "rails", "", "web"]
|
975
|
+
# params.extract_value(:tags, delimiter: ",") # => ["ruby", "rails", "", "web"]
|
976
976
|
def extract_value(key, delimiter: "_")
|
977
977
|
@parameters[key]&.split(delimiter, -1)
|
978
978
|
end
|
@@ -1035,6 +1035,46 @@ module ActionController
|
|
1035
1035
|
end
|
1036
1036
|
end
|
1037
1037
|
|
1038
|
+
def _deep_transform_keys_in_object(object, &block)
|
1039
|
+
case object
|
1040
|
+
when Hash
|
1041
|
+
object.each_with_object(self.class.new) do |(key, value), result|
|
1042
|
+
result[yield(key)] = _deep_transform_keys_in_object(value, &block)
|
1043
|
+
end
|
1044
|
+
when Parameters
|
1045
|
+
if object.permitted?
|
1046
|
+
object.to_h.deep_transform_keys(&block)
|
1047
|
+
else
|
1048
|
+
object.to_unsafe_h.deep_transform_keys(&block)
|
1049
|
+
end
|
1050
|
+
when Array
|
1051
|
+
object.map { |e| _deep_transform_keys_in_object(e, &block) }
|
1052
|
+
else
|
1053
|
+
object
|
1054
|
+
end
|
1055
|
+
end
|
1056
|
+
|
1057
|
+
def _deep_transform_keys_in_object!(object, &block)
|
1058
|
+
case object
|
1059
|
+
when Hash
|
1060
|
+
object.keys.each do |key|
|
1061
|
+
value = object.delete(key)
|
1062
|
+
object[yield(key)] = _deep_transform_keys_in_object!(value, &block)
|
1063
|
+
end
|
1064
|
+
object
|
1065
|
+
when Parameters
|
1066
|
+
if object.permitted?
|
1067
|
+
object.to_h.deep_transform_keys!(&block)
|
1068
|
+
else
|
1069
|
+
object.to_unsafe_h.deep_transform_keys!(&block)
|
1070
|
+
end
|
1071
|
+
when Array
|
1072
|
+
object.map! { |e| _deep_transform_keys_in_object!(e, &block) }
|
1073
|
+
else
|
1074
|
+
object
|
1075
|
+
end
|
1076
|
+
end
|
1077
|
+
|
1038
1078
|
def specify_numeric_keys?(filter)
|
1039
1079
|
if filter.respond_to?(:keys)
|
1040
1080
|
filter.keys.any? { |key| /\A-?\d+\z/.match?(key) }
|
@@ -284,13 +284,13 @@ module ActionController
|
|
284
284
|
# ActionController::TestCase will also automatically provide the following instance
|
285
285
|
# variables for use in the tests:
|
286
286
|
#
|
287
|
-
#
|
287
|
+
# @controller::
|
288
288
|
# The controller instance that will be tested.
|
289
|
-
#
|
289
|
+
# @request::
|
290
290
|
# An ActionController::TestRequest, representing the current HTTP
|
291
291
|
# request. You can modify this object before sending the HTTP request. For example,
|
292
292
|
# you might want to set some session properties before sending a GET request.
|
293
|
-
#
|
293
|
+
# @response::
|
294
294
|
# An ActionDispatch::TestResponse object, representing the response
|
295
295
|
# of the last HTTP response. In the above example, <tt>@response</tt> becomes valid
|
296
296
|
# after calling +post+. If the various assert methods are not sufficient, then you
|
data/lib/action_controller.rb
CHANGED
@@ -62,8 +62,11 @@ module ActionController
|
|
62
62
|
autoload :ApiRendering
|
63
63
|
end
|
64
64
|
|
65
|
-
|
66
|
-
|
65
|
+
autoload_at "action_controller/test_case" do
|
66
|
+
autoload :TestCase
|
67
|
+
autoload :TestRequest
|
68
|
+
autoload :TemplateAssertions
|
69
|
+
end
|
67
70
|
end
|
68
71
|
|
69
72
|
# Common Active Support usage in Action Controller
|
@@ -64,12 +64,17 @@ module ActionDispatch
|
|
64
64
|
ActiveSupport::ParameterFilter.new(filters)
|
65
65
|
end
|
66
66
|
|
67
|
-
KV_RE = "[^&;=]+"
|
68
|
-
PAIR_RE = %r{(#{KV_RE})=(#{KV_RE})}
|
69
67
|
def filtered_query_string # :doc:
|
70
|
-
query_string.
|
71
|
-
|
68
|
+
parts = query_string.split(/([&;])/)
|
69
|
+
filtered_parts = parts.map do |part|
|
70
|
+
if part.include?("=")
|
71
|
+
key, value = part.split("=", 2)
|
72
|
+
parameter_filter.filter(key => value).first.join("=")
|
73
|
+
else
|
74
|
+
part
|
75
|
+
end
|
72
76
|
end
|
77
|
+
filtered_parts.join("")
|
73
78
|
end
|
74
79
|
end
|
75
80
|
end
|
@@ -162,8 +162,11 @@ module Mime
|
|
162
162
|
end
|
163
163
|
|
164
164
|
def lookup(string)
|
165
|
+
return LOOKUP[string] if LOOKUP.key?(string)
|
166
|
+
|
165
167
|
# fallback to the media-type without parameters if it was not found
|
166
|
-
|
168
|
+
string = string.split(";", 2)[0]&.rstrip
|
169
|
+
LOOKUP[string] || Type.new(string)
|
167
170
|
end
|
168
171
|
|
169
172
|
def lookup_by_extension(extension)
|
@@ -35,7 +35,6 @@ module ActionDispatch # :nodoc:
|
|
35
35
|
def call(env)
|
36
36
|
_, headers, _ = response = @app.call(env)
|
37
37
|
|
38
|
-
return response unless html_response?(headers)
|
39
38
|
return response if policy_present?(headers)
|
40
39
|
|
41
40
|
request = ActionDispatch::Request.new(env)
|
@@ -52,12 +51,6 @@ module ActionDispatch # :nodoc:
|
|
52
51
|
end
|
53
52
|
|
54
53
|
private
|
55
|
-
def html_response?(headers)
|
56
|
-
if content_type = headers[Rack::CONTENT_TYPE]
|
57
|
-
content_type.include?("html")
|
58
|
-
end
|
59
|
-
end
|
60
|
-
|
61
54
|
def policy_present?(headers)
|
62
55
|
headers[ActionDispatch::Constants::FEATURE_POLICY]
|
63
56
|
end
|
@@ -96,7 +89,7 @@ module ActionDispatch # :nodoc:
|
|
96
89
|
geolocation: "geolocation",
|
97
90
|
gyroscope: "gyroscope",
|
98
91
|
hid: "hid",
|
99
|
-
idle_detection: "
|
92
|
+
idle_detection: "idle-detection",
|
100
93
|
magnetometer: "magnetometer",
|
101
94
|
microphone: "microphone",
|
102
95
|
midi: "midi",
|
@@ -229,11 +229,12 @@ module ActionDispatch
|
|
229
229
|
# Early Hints is an HTTP/2 status code that indicates hints to help a client start
|
230
230
|
# making preparations for processing the final response.
|
231
231
|
#
|
232
|
-
# If the env contains +rack.early_hints+ then the server accepts HTTP2 push for
|
232
|
+
# If the env contains +rack.early_hints+ then the server accepts HTTP2 push for
|
233
|
+
# link headers.
|
233
234
|
#
|
234
235
|
# The +send_early_hints+ method accepts a hash of links as follows:
|
235
236
|
#
|
236
|
-
# send_early_hints("
|
237
|
+
# send_early_hints("link" => "</style.css>; rel=preload; as=style,</script.js>; rel=preload")
|
237
238
|
#
|
238
239
|
# If you are using +javascript_include_tag+ or +stylesheet_link_tag+ the
|
239
240
|
# Early Hints headers are included by default if supported.
|
@@ -339,7 +340,6 @@ module ActionDispatch
|
|
339
340
|
def raw_post
|
340
341
|
unless has_header? "RAW_POST_DATA"
|
341
342
|
set_header("RAW_POST_DATA", read_body_stream)
|
342
|
-
body_stream.rewind if body_stream.respond_to?(:rewind)
|
343
343
|
end
|
344
344
|
get_header "RAW_POST_DATA"
|
345
345
|
end
|
@@ -467,9 +467,29 @@ module ActionDispatch
|
|
467
467
|
end
|
468
468
|
|
469
469
|
def read_body_stream
|
470
|
-
|
471
|
-
|
472
|
-
|
470
|
+
if body_stream
|
471
|
+
reset_stream(body_stream) do
|
472
|
+
if headers.key?("Transfer-Encoding")
|
473
|
+
body_stream.read # Read body stream until EOF if "Transfer-Encoding" is present
|
474
|
+
else
|
475
|
+
body_stream.read(content_length)
|
476
|
+
end
|
477
|
+
end
|
478
|
+
end
|
479
|
+
end
|
480
|
+
|
481
|
+
def reset_stream(body_stream)
|
482
|
+
if body_stream.respond_to?(:rewind)
|
483
|
+
body_stream.rewind
|
484
|
+
|
485
|
+
content = yield
|
486
|
+
|
487
|
+
body_stream.rewind
|
488
|
+
|
489
|
+
content
|
490
|
+
else
|
491
|
+
yield
|
492
|
+
end
|
473
493
|
end
|
474
494
|
end
|
475
495
|
end
|
@@ -12,6 +12,12 @@ module ActionDispatch
|
|
12
12
|
state = @executor.run!(reset: true)
|
13
13
|
begin
|
14
14
|
response = @app.call(env)
|
15
|
+
|
16
|
+
if env["action_dispatch.report_exception"]
|
17
|
+
error = env["action_dispatch.exception"]
|
18
|
+
@executor.error_reporter.report(error, handled: false, source: "application.action_dispatch")
|
19
|
+
end
|
20
|
+
|
15
21
|
returned = response << ::Rack::BodyProxy.new(response.pop) { state.complete! }
|
16
22
|
rescue => error
|
17
23
|
@executor.error_reporter.report(error, handled: false, source: "application.action_dispatch")
|
@@ -33,8 +33,11 @@ module ActionDispatch
|
|
33
33
|
request = ActionDispatch::Request.new env
|
34
34
|
backtrace_cleaner = request.get_header("action_dispatch.backtrace_cleaner")
|
35
35
|
wrapper = ExceptionWrapper.new(backtrace_cleaner, exception)
|
36
|
+
request.set_header "action_dispatch.exception", wrapper.unwrapped_exception
|
37
|
+
request.set_header "action_dispatch.report_exception", !wrapper.rescue_response?
|
38
|
+
|
36
39
|
if wrapper.show?(request)
|
37
|
-
render_exception(request, wrapper)
|
40
|
+
render_exception(request.dup, wrapper)
|
38
41
|
else
|
39
42
|
raise exception
|
40
43
|
end
|
@@ -43,7 +46,6 @@ module ActionDispatch
|
|
43
46
|
private
|
44
47
|
def render_exception(request, wrapper)
|
45
48
|
status = wrapper.status_code
|
46
|
-
request.set_header "action_dispatch.exception", wrapper.unwrapped_exception
|
47
49
|
request.set_header "action_dispatch.original_path", request.path_info
|
48
50
|
request.set_header "action_dispatch.original_request_method", request.raw_request_method
|
49
51
|
fallback_to_html_format_if_invalid_mime_type(request)
|
@@ -65,9 +67,17 @@ module ActionDispatch
|
|
65
67
|
# If the MIME type for the request is invalid then the
|
66
68
|
# @exceptions_app may not be able to handle it. To make it
|
67
69
|
# easier to handle, we switch to HTML.
|
68
|
-
|
69
|
-
|
70
|
-
|
70
|
+
begin
|
71
|
+
request.content_mime_type
|
72
|
+
rescue ActionDispatch::Http::MimeNegotiation::InvalidType
|
73
|
+
request.set_header "CONTENT_TYPE", "text/html"
|
74
|
+
end
|
75
|
+
|
76
|
+
begin
|
77
|
+
request.formats
|
78
|
+
rescue ActionDispatch::Http::MimeNegotiation::InvalidType
|
79
|
+
request.set_header "HTTP_ACCEPT", "text/html"
|
80
|
+
end
|
71
81
|
end
|
72
82
|
|
73
83
|
def pass_response(status)
|
@@ -11,7 +11,7 @@
|
|
11
11
|
</p>
|
12
12
|
<p>
|
13
13
|
For example, a <code><%= @exception.controller %>#<%= @exception.action_name %></code> action defined in <code>app/controllers/<%= @exception.controller.controller_path %>_controller.rb</code> should have a corresponding view template
|
14
|
-
in a file named <code>app/views/<%= @exception.controller.
|
14
|
+
in a file named <code>app/views/<%= @exception.controller.controller_path %>/<%= @exception.action_name %>.html.erb</code>.
|
15
15
|
</p>
|
16
16
|
<p>
|
17
17
|
However, if this controller is an API endpoint responding with 204 (No Content), which does not require a view template because it doesn't serve an HTML response, then this error will occur when trying to access it with a browser. In this particular scenario, you can ignore this error.
|
@@ -69,7 +69,6 @@ module ActionDispatch
|
|
69
69
|
ActionDispatch::Cookies::CookieJar.always_write_cookie = config.action_dispatch.always_write_cookie
|
70
70
|
|
71
71
|
ActionDispatch::Routing::Mapper.route_source_locations = Rails.env.development?
|
72
|
-
ActionDispatch::Routing::Mapper.backtrace_cleaner = Rails.backtrace_cleaner
|
73
72
|
|
74
73
|
ActionDispatch.test_app = app
|
75
74
|
end
|
@@ -10,10 +10,19 @@ require "action_dispatch/routing/endpoint"
|
|
10
10
|
module ActionDispatch
|
11
11
|
module Routing
|
12
12
|
class Mapper
|
13
|
+
class BacktraceCleaner < ActiveSupport::BacktraceCleaner # :nodoc:
|
14
|
+
def initialize
|
15
|
+
super
|
16
|
+
remove_silencers!
|
17
|
+
add_core_silencer
|
18
|
+
add_stdlib_silencer
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
13
22
|
URL_OPTIONS = [:protocol, :subdomain, :domain, :host, :port]
|
14
23
|
|
15
24
|
cattr_accessor :route_source_locations, instance_accessor: false, default: false
|
16
|
-
cattr_accessor :backtrace_cleaner, instance_accessor: false, default:
|
25
|
+
cattr_accessor :backtrace_cleaner, instance_accessor: false, default: BacktraceCleaner.new
|
17
26
|
|
18
27
|
class Constraints < Routing::Endpoint # :nodoc:
|
19
28
|
attr_reader :app, :constraints
|
@@ -220,12 +229,17 @@ module ActionDispatch
|
|
220
229
|
if to.nil?
|
221
230
|
controller = default_controller
|
222
231
|
action = default_action
|
223
|
-
elsif to.is_a?(String)
|
224
|
-
|
225
|
-
|
226
|
-
|
232
|
+
elsif to.is_a?(String)
|
233
|
+
if to.include?("#")
|
234
|
+
to_endpoint = to.split("#").map!(&:-@)
|
235
|
+
controller = to_endpoint[0]
|
236
|
+
action = to_endpoint[1]
|
237
|
+
else
|
238
|
+
controller = default_controller
|
239
|
+
action = to
|
240
|
+
end
|
227
241
|
else
|
228
|
-
raise ArgumentError, ":to must respond to `action` or `call`, or it must be a String that includes '#'"
|
242
|
+
raise ArgumentError, ":to must respond to `action` or `call`, or it must be a String that includes '#', or the controller should be implicit"
|
229
243
|
end
|
230
244
|
|
231
245
|
controller = add_controller_module(controller, modyoule)
|
@@ -359,12 +373,35 @@ module ActionDispatch
|
|
359
373
|
Routing::RouteSet::Dispatcher.new raise_on_name_error
|
360
374
|
end
|
361
375
|
|
362
|
-
|
363
|
-
|
364
|
-
|
365
|
-
|
366
|
-
|
367
|
-
|
376
|
+
if Thread.respond_to?(:each_caller_location)
|
377
|
+
def route_source_location
|
378
|
+
if Mapper.route_source_locations
|
379
|
+
action_dispatch_dir = File.expand_path("..", __dir__)
|
380
|
+
Thread.each_caller_location do |location|
|
381
|
+
next if location.path.start_with?(action_dispatch_dir)
|
382
|
+
|
383
|
+
cleaned_path = Mapper.backtrace_cleaner.clean_frame(location.path)
|
384
|
+
next if cleaned_path.nil?
|
385
|
+
|
386
|
+
return "#{cleaned_path}:#{location.lineno}"
|
387
|
+
end
|
388
|
+
nil
|
389
|
+
end
|
390
|
+
end
|
391
|
+
else
|
392
|
+
def route_source_location
|
393
|
+
if Mapper.route_source_locations
|
394
|
+
action_dispatch_dir = File.expand_path("..", __dir__)
|
395
|
+
caller_locations.each do |location|
|
396
|
+
next if location.path.start_with?(action_dispatch_dir)
|
397
|
+
|
398
|
+
cleaned_path = Mapper.backtrace_cleaner.clean_frame(location.path)
|
399
|
+
next if cleaned_path.nil?
|
400
|
+
|
401
|
+
return "#{cleaned_path}:#{location.lineno}"
|
402
|
+
end
|
403
|
+
nil
|
404
|
+
end
|
368
405
|
end
|
369
406
|
end
|
370
407
|
end
|
@@ -680,7 +717,7 @@ module ActionDispatch
|
|
680
717
|
def optimize_routes_generation?; false; end
|
681
718
|
|
682
719
|
define_method :find_script_name do |options|
|
683
|
-
if options.key? :script_name
|
720
|
+
if options.key?(:script_name) && options[:script_name].present?
|
684
721
|
super(options)
|
685
722
|
else
|
686
723
|
script_namer.call(options)
|
@@ -70,7 +70,12 @@ module ActionDispatch
|
|
70
70
|
end
|
71
71
|
|
72
72
|
def resolve_driver_path(namespace)
|
73
|
-
|
73
|
+
# The path method has been deprecated in 4.20.0
|
74
|
+
if Gem::Version.new(::Selenium::WebDriver::VERSION) >= Gem::Version.new("4.20.0")
|
75
|
+
namespace::Service.driver_path = ::Selenium::WebDriver::DriverFinder.new(options, namespace::Service.new).driver_path
|
76
|
+
else
|
77
|
+
namespace::Service.driver_path = ::Selenium::WebDriver::DriverFinder.path(options, namespace::Service)
|
78
|
+
end
|
74
79
|
end
|
75
80
|
end
|
76
81
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: actionpack
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 7.1.
|
4
|
+
version: 7.1.4.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- David Heinemeier Hansson
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-
|
11
|
+
date: 2024-10-15 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 7.1.
|
19
|
+
version: 7.1.4.1
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 7.1.
|
26
|
+
version: 7.1.4.1
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: nokogiri
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -128,28 +128,28 @@ dependencies:
|
|
128
128
|
requirements:
|
129
129
|
- - '='
|
130
130
|
- !ruby/object:Gem::Version
|
131
|
-
version: 7.1.
|
131
|
+
version: 7.1.4.1
|
132
132
|
type: :runtime
|
133
133
|
prerelease: false
|
134
134
|
version_requirements: !ruby/object:Gem::Requirement
|
135
135
|
requirements:
|
136
136
|
- - '='
|
137
137
|
- !ruby/object:Gem::Version
|
138
|
-
version: 7.1.
|
138
|
+
version: 7.1.4.1
|
139
139
|
- !ruby/object:Gem::Dependency
|
140
140
|
name: activemodel
|
141
141
|
requirement: !ruby/object:Gem::Requirement
|
142
142
|
requirements:
|
143
143
|
- - '='
|
144
144
|
- !ruby/object:Gem::Version
|
145
|
-
version: 7.1.
|
145
|
+
version: 7.1.4.1
|
146
146
|
type: :development
|
147
147
|
prerelease: false
|
148
148
|
version_requirements: !ruby/object:Gem::Requirement
|
149
149
|
requirements:
|
150
150
|
- - '='
|
151
151
|
- !ruby/object:Gem::Version
|
152
|
-
version: 7.1.
|
152
|
+
version: 7.1.4.1
|
153
153
|
description: Web apps on Rails. Simple, battle-tested conventions for building and
|
154
154
|
testing MVC web applications. Works with any Rack-compatible server.
|
155
155
|
email: david@loudthinking.com
|
@@ -346,12 +346,12 @@ licenses:
|
|
346
346
|
- MIT
|
347
347
|
metadata:
|
348
348
|
bug_tracker_uri: https://github.com/rails/rails/issues
|
349
|
-
changelog_uri: https://github.com/rails/rails/blob/v7.1.
|
350
|
-
documentation_uri: https://api.rubyonrails.org/v7.1.
|
349
|
+
changelog_uri: https://github.com/rails/rails/blob/v7.1.4.1/actionpack/CHANGELOG.md
|
350
|
+
documentation_uri: https://api.rubyonrails.org/v7.1.4.1/
|
351
351
|
mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
|
352
|
-
source_code_uri: https://github.com/rails/rails/tree/v7.1.
|
352
|
+
source_code_uri: https://github.com/rails/rails/tree/v7.1.4.1/actionpack
|
353
353
|
rubygems_mfa_required: 'true'
|
354
|
-
post_install_message:
|
354
|
+
post_install_message:
|
355
355
|
rdoc_options: []
|
356
356
|
require_paths:
|
357
357
|
- lib
|
@@ -367,8 +367,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
367
367
|
version: '0'
|
368
368
|
requirements:
|
369
369
|
- none
|
370
|
-
rubygems_version: 3.
|
371
|
-
signing_key:
|
370
|
+
rubygems_version: 3.5.16
|
371
|
+
signing_key:
|
372
372
|
specification_version: 4
|
373
373
|
summary: Web-flow and rendering framework putting the VC in MVC (part of Rails).
|
374
374
|
test_files: []
|